ttackers are using increasingly sophisticated methods to hack into business networks. Recent events have shown what happens when malware infects and encrypts systems in an attempt to extract a ransom. Adeptly referred to as “ransomware”, this ploy is the latest, lucrative trend among cyber criminals, leading more and more businesses and authorities to ask whether current measures are enough to keep up with such malicious creativity. This webinar will provide you with an overview of the current state of malware threats while also explaining what you can do to effectively safeguard your business-critical infrastructure.
Cyber criminals know what they’re doing. They invest all of their energy—and a great deal of money—into identifying undiscovered software security gaps. This lets them access sensitive business data before the victim or software developer even knows the gap exists.
Zero-day vulnerabilities are especially lucrative for hackers, as they can steal off with their loot before the clueless victim realises it was even in danger in the first place. And because the vulnerability is initially known only to the hacker, no patches or updates exist. Once the damage is done, the developer is forced to scramble for a solution. So what can you do to protect your company from zero-day attacks?
Vulnerabilities bring in thousands of euros on the darknet, and this lucrative opportunity has not escaped the notice of cyber criminals. Even certain gaps that have already been officially identified find themselves for sale in the shady hinterlands of the Internet. This poses an all-too-real danger, which is why several initiatives are under way to identify and counter zero-day attacks as quickly as possible.
One of them, Google’s Project Zero, has already reported multiple critical software vulnerabilities. TippingPoint’s Zero Day Initiative goes beyond merely recognising and reporting security issues, it also works to fix them before hackers are able to exploit them. Who will win this behind-the-scenes battle: cyber attackers or technology’s modern-day knights in shining armour?
We’ll advise you on all the strategic and technological questions you’ll need to consider in order to defend yourself against zero-day attacks and optimise your security strategy. We’ll also show you which solutions will help you most effectively pre-empt hacker attacks.
Although the cyber heroes in your IT department may be adept at developing effective counter-measures, it’s impossible to do so when you don’t even know a particular threat is looming on the horizon. This is precisely why several coordinated security levels are needed. Traditional antivirus software, spam filters and firewalls alone no longer provide adequate protection. Segmenting your business network, however, more effectively prevents malware from spreading.
In Germany, the Federal Office for Information Security requires data centres to be divided into several areas to safeguard critical infrastructure. Perimeter security keeps an eye on incoming and outgoing data traffic, for example through application delivery firewalls, which ward off DDoS attacks, DNS poisoning and other ill-intentioned schemes. Next-generation firewalls inspect data one more time before they enter your network. And network access control systems ensure that only truly authorised users have access to data.
Amid today’s sophisticated attacks, it’s easy to forget about the traditional ones, which are still the most common. The Petya ransomware made headlines in July 2017 for infecting systems and encrypting computer files worldwide using a vulnerability previously exploited during the WannaCry zero-day attack. Even though a patch had been developed in the meantime, Petya still caused massive damage, as had WannaCry before it.
This example illustrates perfectly why update management is indispensable to any security strategy. Attacks can only be foiled—and zero-day protection thereby maximised – if gaps are quickly and thoroughly closed once they’ve been identified.